Sr. Security Threat Analyst - REMOTE

01 Jul 2024

Vacancy expired!

Software Guidance & Assistance, Inc. (SGA) is searching for a Sr. Security Threat Analyst - REMOTE for a Contract assignment with one of our premier Healthcare Services clients in Jacksonville, FL.

Responsibilities:

  • Creation and tuning of database monitoring policies.
  • This role will focus on systems and tools associated with database activity security monitoring, event correlation, vulnerability scanning, and configuration compliance.
  • Candidates will be responsible for optimizing policies/alerts and facilitating the support of existing enterprise database activity monitoring solutions.
  • Specific deliverables will support IBM Guardium Database Activity Monitoring, Vulnerability Assessor, and Configuration Auditing System components; candidates should have experience with core DBMS technologies including, but not limited to, Oracle, IBM DB2 LUW, Microsoft SQL, Mongo, and Hadoop.
  • Secondary responsibilities will be as an active member of the Enterprise Threat Management team.
  • This team participates in intelligence gathering and sharing, security monitoring, alerting, and incident response activities.
  • Performs testing, monitoring, configuration, maintenance, and troubleshooting of any assigned technology.
  • Technical experience with design and configuration of database monitoring automation and workflow features, as well as enabling integration to a SIEM, inventory and/or ticketing system such as Splunk and/or Remedy.
  • Understanding of industry security logging standards and best practices.
  • Resolves alerts and performs remediation activities for system or SOC generated alerts and notables.
  • Collects and presents data for audit, reporting, and planning.
  • Assists with developing tactical strategies, processes, and procedures related to database monitoring, systems, and application administration.
  • Assist in identification of approaches to enable business need while protecting the enterprise database infrastructure.
  • Serves as a liaison with IT and business area partners to identify, understand, document, and advise on security requirements, impacts, and risks.
  • Develops and maintains documentation for security systems, processes, procedures, and security diagrams.
  • Participates in initiatives to identify, select, and implement technical controls in accordance with best practice.
  • Other duties as assigned
Required Skills:
  • Ideal candidate will have a strong technical background in one or multiple disciplines (security tool administration, network, Python coding and development, endpoint, or application packaging) and be able to participate as part of the Incident Response team as a threat analyst.
  • This position will have an additional focus on Guardium database monitoring and policy creation. Familiarity with one or more database technologies is a plus.
  • 6+ years related work experience. Experience Details: IT Security
  • Required Education: Related Bachelor's degree or additional related equivalent work experience in an IT-related field
  • 2+ years Database activity and structured data access monitoring and policy experience (e.g. IBM Guardium, Imperva, ManageEngine, etc.)
  • 2-4 years of experience in systems and information security administration
  • 1-2 years professional experience related to Database compliance and Security Monitoring
Preferred:
  • Experience analyzing business requirements and translating them into technical solutions. Isn't this architecture? Or is it audit/compliance requirements they're translating?
  • Industry standard Cyber Security Certifications: CISSP, CompTIA Security+, SANS GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (ISC2 SSCP), ISACA Certified in Risk and Information Systems Control (CRISC)
  • Working knowledge of core database platforms: Oracle, Microsoft SQL Server, IBM DB2/LUW, Mongo, Hadoop, and PostgreSQL
  • Experience with log management and enterprise log management implementations
  • Demonstrate a working knowledge of multiple technologies, their interfaces, and integration
  • Extensive experience implementing and administering/managing technical solutions in major, large-scale system implementations
  • Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management
  • Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
  • Knowledge of operating systems and security applications, as well as a working knowledge of basic network protocols and tools.
  • Ability to manage tasks independently and take ownership of responsibilities
  • Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
  • Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
  • Ability to adapt to a rapidly changing environment
  • Critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.
  • Experience integrating with SOAR platforms
  • Familiarity with PCI, HIPAA, NIST, HITRUST, SOC2, and other compliance frameworks
Preferred Skills:
  • CISSP (Certified Information Systems Security Professional), or CEH, CISM, CRISC, etc.
  • 3-5 years of Security Operations Center Threat Analysis experience
  • Experience using Agile methodology
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at https://sgainc.com.

EEO Employer: Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status.

  • ID: #43746981
  • State: Florida Jacksonville 32099 Jacksonville USA
  • City: Jacksonville
  • Salary: USD TBD TBD
  • Job type: Contract
  • Showed: 2022-07-01
  • Deadline: 2022-08-29
  • Category: Et cetera